Search CVE reports

11 – 20 of 595 results

Detailed view

Sort by:

CVE-2010-5331

Medium priority

Ignored

** DISPUTED ** In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this CVE is...

28 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Not affected
linux-aws	—	—	—	Not affected	Not affected
linux-aws-hwe	—	—	—	Not in release	Not affected
linux-azure	—	—	—	Not affected	Not affected
linux-azure-edge	—	—	—	Not affected	Not affected
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Not affected
linux-gcp-edge	—	—	—	Not affected	Not in release
linux-gke	—	—	—	Not in release	Ignored
linux-gke-4.15	—	—	—	Not affected	Not in release
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Not affected
linux-hwe-edge	—	—	—	Not affected	Not affected
linux-kvm	—	—	—	Not affected	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Ignored
linux-oracle	—	—	—	Not affected	Not affected
linux-raspi2	—	—	—	Not affected	Not affected
linux-snapdragon	—	—	—	Not affected	Not affected

CVE-2007-6762

Medium priority

Ignored

In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array.

28 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Not affected
linux-aws	—	—	—	Not affected	Not affected
linux-aws-hwe	—	—	—	Not in release	Not affected
linux-azure	—	—	—	Not affected	Not affected
linux-azure-edge	—	—	—	Not affected	Not affected
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Not affected
linux-gcp-edge	—	—	—	Not affected	Not in release
linux-gke	—	—	—	Not in release	Ignored
linux-gke-4.15	—	—	—	Not affected	Not in release
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Not affected
linux-hwe-edge	—	—	—	Not affected	Not affected
linux-kvm	—	—	—	Not affected	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Ignored
linux-oracle	—	—	—	Not affected	Not affected
linux-raspi2	—	—	—	Not affected	Not affected
linux-snapdragon	—	—	—	Not affected	Not affected

CVE-2018-20855

Low priority

Ignored

An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.

28 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Not affected
linux-aws	—	—	—	Not affected	Not affected
linux-aws-hwe	—	—	—	Not in release	Not affected
linux-azure	—	—	—	Not affected	Not affected
linux-azure-edge	—	—	—	Not affected	Not affected
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Not affected
linux-gcp-edge	—	—	—	Not affected	Not in release
linux-gke	—	—	—	Not in release	Ignored
linux-gke-4.15	—	—	—	Not affected	Not in release
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Not affected
linux-hwe-edge	—	—	—	Not affected	Not affected
linux-kvm	—	—	—	Not affected	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Ignored
linux-oracle	—	—	—	Not affected	Not affected
linux-raspi2	—	—	—	Not affected	Not affected
linux-snapdragon	—	—	—	Not affected	Not affected

CVE-2018-20854

Low priority

Ignored

An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read.

28 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Not affected
linux-aws	—	—	—	Not affected	Not affected
linux-aws-hwe	—	—	—	Not in release	Not affected
linux-azure	—	—	—	Not affected	Not affected
linux-azure-edge	—	—	—	Not affected	Not affected
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Not affected
linux-gcp-edge	—	—	—	Not affected	Not in release
linux-gke	—	—	—	Not in release	Ignored
linux-gke-4.15	—	—	—	Not affected	Not in release
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Not affected
linux-hwe-edge	—	—	—	Not affected	Not affected
linux-kvm	—	—	—	Not affected	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Ignored
linux-oracle	—	—	—	Not affected	Not affected
linux-raspi2	—	—	—	Not affected	Not affected
linux-snapdragon	—	—	—	Not affected	Not affected

CVE-2019-14284

Medium priority

Some fixes available 37 of 48

In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect...

36 affected packages

linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Fixed
linux-aws	—	—	—	Fixed	Fixed
linux-aws-5.0	—	—	—	Not affected	Not in release
linux-aws-hwe	—	—	—	Not in release	Fixed
linux-azure	—	—	—	Fixed	Fixed
linux-azure-5.3	—	—	—	Not affected	Not in release
linux-azure-edge	—	—	—	Fixed	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Fixed	Fixed
linux-gcp-5.3	—	—	—	Not affected	Not in release
linux-gcp-edge	—	—	—	Fixed	Not in release
linux-gke	—	—	—	Not in release	Ignored
linux-gke-4.15	—	—	—	Fixed	Not in release
linux-gke-5.0	—	—	—	Fixed	Not in release
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Fixed	Fixed
linux-hwe-edge	—	—	—	Ignored	Fixed
linux-kvm	—	—	—	Fixed	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Fixed	Ignored
linux-oem-5.4	—	—	—	Not in release	Not in release
linux-oem-osp1	—	—	—	Fixed	Not in release
linux-oracle	—	—	—	Fixed	Fixed
linux-oracle-5.0	—	—	—	Not affected	Not in release
linux-raspi2	—	—	—	Fixed	Fixed
linux-raspi2-5.3	—	—	—	Not affected	Not in release
linux-snapdragon	—	—	—	Fixed	Fixed

CVE-2019-14283

Medium priority

Some fixes available 37 of 48

In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user...

36 affected packages

linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Fixed
linux-aws	—	—	—	Fixed	Fixed
linux-aws-5.0	—	—	—	Not affected	Not in release
linux-aws-hwe	—	—	—	Not in release	Fixed
linux-azure	—	—	—	Fixed	Fixed
linux-azure-5.3	—	—	—	Not affected	Not in release
linux-azure-edge	—	—	—	Fixed	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Fixed	Fixed
linux-gcp-5.3	—	—	—	Not affected	Not in release
linux-gcp-edge	—	—	—	Fixed	Not in release
linux-gke	—	—	—	Not in release	Ignored
linux-gke-4.15	—	—	—	Fixed	Not in release
linux-gke-5.0	—	—	—	Fixed	Not in release
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Fixed	Fixed
linux-hwe-edge	—	—	—	Ignored	Fixed
linux-kvm	—	—	—	Fixed	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Fixed	Ignored
linux-oem-5.4	—	—	—	Not in release	Not in release
linux-oem-osp1	—	—	—	Fixed	Not in release
linux-oracle	—	—	—	Fixed	Fixed
linux-oracle-5.0	—	—	—	Not affected	Not in release
linux-raspi2	—	—	—	Fixed	Fixed
linux-raspi2-5.3	—	—	—	Not affected	Not in release
linux-snapdragon	—	—	—	Fixed	Fixed

CVE-2018-20856

Medium priority

Some fixes available 26 of 33

An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.

29 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Fixed
linux-aws	—	—	—	Fixed	Fixed
linux-aws-hwe	—	—	—	Not in release	Fixed
linux-azure	—	—	—	Fixed	Fixed
linux-azure-edge	—	—	—	Fixed	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Fixed	Fixed
linux-gcp-edge	—	—	—	Fixed	Not in release
linux-gke	—	—	—	Not in release	Ignored
linux-gke-4.15	—	—	—	Fixed	Not in release
linux-gke-5.0	—	—	—	Not affected	Not in release
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Fixed
linux-hwe-edge	—	—	—	Not affected	Fixed
linux-kvm	—	—	—	Fixed	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Fixed	Ignored
linux-oracle	—	—	—	Fixed	Fixed
linux-raspi2	—	—	—	Fixed	Fixed
linux-snapdragon	—	—	—	Fixed	Fixed

CVE-2019-13648

Medium priority

Some fixes available 8 of 14

In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that...

36 affected packages

linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Fixed
linux-aws	—	—	—	Not affected	Not affected
linux-aws-5.0	—	—	—	Not affected	Not in release
linux-aws-hwe	—	—	—	Not in release	Not affected
linux-azure	—	—	—	Not affected	Not affected
linux-azure-5.3	—	—	—	Not affected	Not in release
linux-azure-edge	—	—	—	Not affected	Not affected
linux-euclid	—	—	—	Not in release	Not affected
linux-flo	—	—	—	Not in release	Not affected
linux-gcp	—	—	—	Not affected	Not affected
linux-gcp-5.3	—	—	—	Not affected	Not in release
linux-gcp-edge	—	—	—	Not affected	Not in release
linux-gke	—	—	—	Not in release	Not affected
linux-gke-4.15	—	—	—	Not affected	Not in release
linux-gke-5.0	—	—	—	Not affected	Not in release
linux-goldfish	—	—	—	Not in release	Not affected
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Fixed	Fixed
linux-hwe-edge	—	—	—	Ignored	Fixed
linux-kvm	—	—	—	Not affected	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Not affected
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Not affected
linux-oem-5.4	—	—	—	Not in release	Not in release
linux-oem-osp1	—	—	—	Fixed	Not in release
linux-oracle	—	—	—	Not affected	Not affected
linux-oracle-5.0	—	—	—	Not affected	Not in release
linux-raspi2	—	—	—	Not affected	Not affected
linux-raspi2-5.3	—	—	—	Not affected	Not in release
linux-snapdragon	—	—	—	Not affected	Not affected

CVE-2019-13631

Low priority

Some fixes available 37 of 56

In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.

38 affected packages

linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	Not affected	Fixed	Fixed
linux-aws	—	—	Not affected	Fixed	Fixed
linux-aws-5.0	—	—	Not in release	Not affected	Not in release
linux-aws-hwe	—	—	Not in release	Not in release	Fixed
linux-azure	—	—	Not affected	Fixed	Fixed
linux-azure-5.3	—	—	Not in release	Not affected	Not in release
linux-azure-edge	—	—	Not in release	Fixed	Fixed
linux-euclid	—	—	Not in release	Not in release	Ignored
linux-flo	—	—	Not in release	Not in release	Ignored
linux-gcp	—	—	Not affected	Fixed	Fixed
linux-gcp-5.3	—	—	Not in release	Not affected	Not in release
linux-gcp-edge	—	—	Not in release	Fixed	Not in release
linux-gke	—	—	Not affected	Not in release	Ignored
linux-gke-4.15	—	—	Not in release	Fixed	Not in release
linux-gke-5.0	—	—	Not in release	Fixed	Not in release
linux-gke-5.3	—	—	Not in release	Not affected	Not in release
linux-goldfish	—	—	Not in release	Not in release	Ignored
linux-grouper	—	—	Not in release	Not in release	Not in release
linux-hwe	—	—	Not in release	Fixed	Fixed
linux-hwe-edge	—	—	Not in release	Ignored	Fixed
linux-kvm	—	—	Not affected	Fixed	Fixed
linux-lts-trusty	—	—	Not in release	Not in release	Not in release
linux-lts-utopic	—	—	Not in release	Not in release	Not in release
linux-lts-vivid	—	—	Not in release	Not in release	Not in release
linux-lts-wily	—	—	Not in release	Not in release	Not in release
linux-lts-xenial	—	—	Not in release	Not in release	Not in release
linux-maguro	—	—	Not in release	Not in release	Not in release
linux-mako	—	—	Not in release	Not in release	Ignored
linux-manta	—	—	Not in release	Not in release	Not in release
linux-oem	—	—	Not in release	Fixed	Ignored
linux-oem-5.6	—	—	Not affected	Not in release	Not in release
linux-oem-osp1	—	—	Not in release	Fixed	Not in release
linux-oracle	—	—	Not affected	Fixed	Fixed
linux-oracle-5.0	—	—	Not in release	Not affected	Not in release
linux-oracle-5.3	—	—	Not in release	Not affected	Not in release
linux-raspi2	—	—	Not affected	Fixed	Fixed
linux-raspi2-5.3	—	—	Not in release	Not affected	Not in release
linux-snapdragon	—	—	Not in release	Fixed	Fixed

CVE-2019-13272

Medium priority

Some fixes available 37 of 54

In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging...

36 affected packages

linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Fixed
linux-aws	—	—	—	Fixed	Fixed
linux-aws-5.0	—	—	—	Not affected	Not in release
linux-aws-hwe	—	—	—	Not in release	Fixed
linux-azure	—	—	—	Fixed	Fixed
linux-azure-5.3	—	—	—	Not affected	Not in release
linux-azure-edge	—	—	—	Fixed	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Fixed	Fixed
linux-gcp-5.3	—	—	—	Not affected	Not in release
linux-gcp-edge	—	—	—	Fixed	Not in release
linux-gke	—	—	—	Not in release	Ignored
linux-gke-4.15	—	—	—	Fixed	Not in release
linux-gke-5.0	—	—	—	Not affected	Not in release
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Fixed	Fixed
linux-hwe-edge	—	—	—	Ignored	Fixed
linux-kvm	—	—	—	Fixed	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Fixed	Ignored
linux-oem-5.4	—	—	—	Not in release	Not in release
linux-oem-osp1	—	—	—	Fixed	Not in release
linux-oracle	—	—	—	Fixed	Fixed
linux-oracle-5.0	—	—	—	Not affected	Not in release
linux-raspi2	—	—	—	Fixed	Fixed
linux-raspi2-5.3	—	—	—	Not affected	Not in release
linux-snapdragon	—	—	—	Fixed	Fixed

Export to JSON

Results by page: